/**
* 文件上传处理
*
* @return void
*/
public function swfupload()
{
$uid = (int) dr_authcode(str_replace(' ', '+', $this->input->post('session')), 'DECODE');
if (!$uid) {
exit('0,' . lang('m-142'));
}
// 根据页面传入的session来获取当前登录uid,未获取到uid时提示游客无法上传
$this->member = $this->member_model->get_member($uid);
// 获取会员信息
// 游客不允许上传,未获取到会员信息时提示游客无法上传
if (!$this->member) {
exit('0,' . lang('m-142'));
}
// 会员组权限
$member_rule = $this->get_cache('member', 'setting', 'permission', $this->member['mark']);
// 是否允许上传附件
if (!$this->member['adminid'] && !$member_rule['is_upload']) {
exit('0,' . lang('m-143'));
}
// 附件总大小判断
if (!$this->member['adminid'] && $member_rule['attachsize']) {
$data = $this->db->select_sum('filesize')->where('uid', $uid)->get('attachment')->row_array();
$filesize = (int) $data['filesize'];
if ($filesize > $member_rule['attachsize'] * 1024 * 1024) {
exit('0,' . dr_lang('m-147', $member_rule['attachsize'] . 'MB', dr_format_file_size($filesize)));
}
}
if (IS_POST) {
$code = str_replace(' ', '+', $this->input->post('code'));
list($size, $ext, $path) = explode('|', dr_authcode($code, 'DECODE'));
if ($path) {
$path = FCPATH . 'member/uploadfile/' . $path . '/';
} else {
$path = FCPATH . 'member/uploadfile/' . date('Ym', SYS_TIME) . '/';
}
if (!is_dir($path)) {
dr_mkdirs($path);
}
$this->load->library('upload', array('max_size' => (int) $size * 1024, 'overwrite' => FALSE, 'file_name' => substr(md5(time()), rand(0, 20), 10), 'upload_path' => $path, 'allowed_types' => str_replace(',', '|', $ext), 'file_ext_tolower' => TRUE));
if ($this->upload->do_upload('Filedata')) {
$info = $this->upload->data();
$this->load->model('attachment_model');
$result = $this->attachment_model->upload($uid, $info);
if (!is_array($result)) {
exit('0,' . $result);
}
list($id, $file, $_ext) = $result;
$icon = is_file(FCPATH . 'omooo/statics/images/ext/' . $_ext . '.gif') ? SITE_URL . 'omooo/statics/images/ext/' . $_ext . '.gif' : SITE_URL . 'omooo/statics/images/ext/blank.gif';
//唯一ID,文件全路径,图标,文件名称,文件大小,扩展名
exit($id . ',' . dr_file($file) . ',' . $icon . ',' . str_replace(array('|', '.' . $_ext), '', $info['client_name']) . ',' . dr_format_file_size($info['file_size'] * 1024) . ',' . $_ext);
} else {
exit('0,' . $this->upload->display_errors('', ''));
}
}
}
/**
* 字段表单输入
*
* @param string $cname 字段别名
* @param string $name 字段名称
* @param array $cfg 字段配置
* @param array $data 值
* @return string
*/
public function input($cname, $name, $cfg, $value = NULL, $id = 0)
{
// 字段显示名称
$text = (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1 ? '<font color="red">*</font>' : '') . ' ' . $cname . ':';
// 表单附加参数
$attr = isset($cfg['validate']['formattr']) && $cfg['validate']['formattr'] ? $cfg['validate']['formattr'] : '';
// 字段提示信息
$tips = isset($cfg['validate']['tips']) && $cfg['validate']['tips'] ? '<div class="onShow" id="dr_' . $name . '_tips">' . $cfg['validate']['tips'] . '</div>' : '';
// 当字段必填时,加入html5验证标签
if (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1) {
$attr .= ' required="required"';
}
// 禁止修改
$disabled = !IS_ADMIN && $id && $value && isset($cfg['validate']['isedit']) && $cfg['validate']['isedit'] ? 'disabled' : '';
// 上传的URL
$url = MEMBER_PATH . 'index.php?c=api&m=upload&name=' . $name . '&count=1&code=' . str_replace('=', '', dr_authcode($cfg['option']['size'] . '|' . $cfg['option']['ext'] . '|' . $this->get_upload_path($cfg['option']['uploadpath']), 'ENCODE'));
// 文件值
$file = $info = '';
if ($value) {
$file = $value;
$data = dr_file_info($file);
if ($data) {
$size = $data['size'] ? ' (' . $data['size'] . ')' : '';
$info = '<a href="javascript:;" onclick="dr_show_file_info(\'' . $file . '\')"><img align="absmiddle" src="' . $data['icon'] . '"><div class="onCorrect">' . $data['filename'] . $size . ' </div></a>';
}
unset($data);
}
// 上传按钮与表单值
$tool = '<input type="hidden" id="dr_' . $name . '" name="data[' . $name . ']" value="' . $file . '" ' . $attr . ' />
<input type="button" style="cursor:pointer;" ' . $disabled . ' class="button" onclick="dr_upload_file(\'' . $name . '\', \'' . $url . '\')" value="' . lang('m-119') . '" />
<input type="button" style="cursor:pointer;" class="button" onclick="dr_delete_file(\'' . $name . '\')" value="' . lang('m-346') . '" />
';
// 文件信息查看
$finfo = '<span id="show_' . $name . '" />' . $info . '</span>' . $tips;
return $this->input_format($name, $text, $tool . $finfo);
}
/**
* 字段表单输入
*
* @param string $cname 字段别名
* @param string $name 字段名称
* @param array $cfg 字段配置
* @param string $value 值
* @return string
*/
public function input($cname, $name, $cfg, $value = NULL, $id = 0)
{
// 字段显示名称
$text = (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1 ? '<font color="red">*</font>' : '') . ' ' . $cname . ':';
// 表单附加参数
$attr = isset($cfg['validate']['formattr']) && $cfg['validate']['formattr'] ? $cfg['validate']['formattr'] : '';
// 字段提示信息
$tips = isset($cfg['validate']['tips']) && $cfg['validate']['tips'] ? '<div class="onShow" id="dr_' . $name . '_tips">' . $cfg['validate']['tips'] . '</div>' : '';
// 当字段必填时,加入html5验证标签
if (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1) {
$attr .= ' required="required"';
}
// 表单选项
$disabled = !IS_ADMIN && $id && $value && isset($cfg['validate']['isedit']) && $cfg['validate']['isedit'] ? 'disabled' : '';
// 上传的URL
$url = MEMBER_PATH . 'index.php?c=api&m=upload&name=' . $name . '&count=1&code=' . str_replace('=', '', dr_authcode($cfg['option']['size'] . '|' . $cfg['option']['ext'] . '|' . $this->get_upload_path($cfg['option']['uploadpath']), 'ENCODE'));
// 文件值
$file = $info = '';
$value = dr_string2array($value);
if ($value['file']) {
$file = $value['file'];
$data = dr_file_info($file);
if ($data) {
$size = $data['size'] ? ' (' . $data['size'] . ')' : '';
$info = '<a href="javascript:;" onclick="dr_show_file_info(\'' . $file . '\')"><img align="absmiddle" src="' . $data['icon'] . '"><div class="onCorrect">' . $data['filename'] . $size . ' </div></a>';
}
unset($data);
$default = '';
if ($value['point']) {
$i = 0;
foreach ($value['point'] as $time => $title) {
$default .= '
<li id="dr_items_' . $name . '_' . $i . '">
时间(秒):<input type="text" class="input-text" style="width:70px;" value="' . $time . '" name="data[' . $name . '][time][]"> 提示文字:<input type="text" class="input-text" style="width:250px;" value="' . $title . '" name="data[' . $name . '][title][]\\"> <a href="javascript:;" onclick="$(\'#dr_items_' . $name . '_' . $i . '\').remove()">' . lang('del') . '</a>
</li>';
$i++;
}
}
}
// 显示框宽度设置
$width = isset($cfg['option']['width']) && $cfg['option']['width'] ? $cfg['option']['width'] : '80%';
$str = '<fieldset class="blue pad-10" style="width:' . $width . (is_numeric($width) ? 'px' : '') . ';">
<legend>' . $cname . '</legend>
<div class="picList">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td style="text-align:left;padding-left:0;">
<span>' . dr_lang('m-138', str_replace('|', '、', $cfg['option']['ext'])) . '</span>
<input type="hidden" id="dr_' . $name . '" name="data[' . $name . '][file]" value="' . $file . '" ' . $attr . ' />
<input type="button" style="cursor:pointer;" ' . $disabled . ' class="button" onclick="dr_upload_file(\'' . $name . '\', \'' . $url . '\')" value="' . lang('m-119') . '" />
<span id="show_' . $name . '" />' . $info . '</span>' . $tips . '
</td>
</tr>
</table>
<ul id="' . $name . '-sort-items" style="margin-top:8px;">
' . $default . '
</ul>
</div>
<div class="picBut cu">
<a href="javascript:;" onClick="dr_add_video_' . $name . '()">添加提示点</a>
</div>
<div class="onShow" style="margin-top:2px;">鼠标经过进度栏N秒时,N秒会提示相应的文字</div>
<script type="text/javascript">
$("#' . $name . '-sort-items").sortable();
var id=$("#' . $name . '-sort-items li").size();
function dr_add_video_' . $name . '() {
id ++;
var html = "<li id=\\"dr_items_' . $name . '_"+id+"\\">";
html+= "时间(秒):<input type=\\"text\\" class=\\"input-text\\" style=\\"width:70px;\\" value=\\"\\" name=\\"data[' . $name . '][time][]\\"> ";
html+= "提示文字:<input type=\\"text\\" class=\\"input-text\\" style=\\"width:250px;\\" value=\\"\\" name=\\"data[' . $name . '][title][]\\"> ";
html+= "<a href=\\"javascript:;\\" onclick=\\"$(\'#dr_items_' . $name . '_"+id+"\').remove()\\">' . lang('del') . '</a>";
html+= "</li>";
$("#' . $name . '-sort-items").append(html);
}
</script>
</fieldset>
';
return $this->input_format($name, $text, $str);
}
/**
* 字段表单输入
*
* @param string $cname 字段别名
* @param string $name 字段名称
* @param array $cfg 字段配置
* @param array $data 值
* @return string
*/
public function input($cname, $name, $cfg, $value = NULL, $id = 0)
{
// 字段显示名称
$text = (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1 ? '<font color="red">*</font>' : '') . ' ' . $cname . ':';
// 显示框宽度设置
$width = isset($cfg['option']['width']) && $cfg['option']['width'] ? $cfg['option']['width'] : '80%';
// 表单附加参数
$attr = isset($cfg['validate']['formattr']) && $cfg['validate']['formattr'] ? $cfg['validate']['formattr'] : '';
// 字段提示信息
$tips = isset($cfg['validate']['tips']) && $cfg['validate']['tips'] ? '<div class="onShow" id="dr_' . $name . '_tips">' . $cfg['validate']['tips'] . '</div>' : '';
// 禁止修改
$disabled = !IS_ADMIN && $id && $value && isset($cfg['validate']['isedit']) && $cfg['validate']['isedit'] ? 'disabled' : '';
// 当字段必填时,加入html5验证标签
if (isset($cfg['validate']['required']) && $cfg['validate']['required'] == 1) {
$attr .= ' required="required"';
}
// 上传的URL
$url = MEMBER_PATH . 'index.php?c=api&m=upload&name=' . $name . '&code=' . str_replace('=', '', dr_authcode($cfg['option']['size'] . '|' . $cfg['option']['ext'] . '|' . $this->get_upload_path($cfg['option']['uploadpath']), 'ENCODE'));
// 字段默认值
$file_value = '';
$value && ($value = dr_string2array($value));
// 默认值输出
if ($value && isset($value['file'])) {
foreach ($value['file'] as $id => $fileid) {
$info = dr_file_info($fileid);
$title = $value['title'][$id];
$file_value .= '
<li id="files_' . $name . '_999' . $id . '" list="999' . $id . '" style="cursor:move;">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="80" style="text-align:right">
' . ($id + 1) . '、
<a href="javascript:;" title="' . lang('edit') . '" onclick="dr_edit_file(\'' . $url . '&count=1\',\'' . $name . '\',\'999' . $id . '\')"><img align="absmiddle" src="' . SITE_URL . 'dayrui/statics/images/b_edit.png"></a>
<a href="javascript:;" title="' . lang('del') . '" onclick="dr_remove_file(\'' . $name . '\',\'999' . $id . '\')"><img align=\\"absmiddle\\" src="' . SITE_URL . 'dayrui/statics/images/b_drop.png"></a>
</td>
<td>
<input type="hidden" value="' . $fileid . '" name="data[' . $name . '][file][]" id="fileid_' . $name . '_999' . $id . '" />
<input type="text" class="input-text" style="width:300px;" value="' . $title . '" name="data[' . $name . '][title][]" />
<span id="span_' . $name . '_999' . $id . '">
<a href="javascript:;" onclick="dr_show_file_info(\'' . $fileid . '\')"><img align="absmiddle" src="' . $info['icon'] . '">
<div class="onCorrect">' . $info['size'] . ' </div></a>
</span>
</td>
</tr>
</table>
</li>';
}
}
// 输出变量
$str = '';
// 加载js
if (!defined('FINECMS_FILES_LD')) {
$str .= '<script type="text/javascript" src="' . MEMBER_PATH . 'statics/js/jquery-ui.min.js"></script>';
$str .= '<script type="text/javascript">var homeurl = "' . SITE_URL . '"</script>';
define('FINECMS_FILES_LD', 1);
//防止重复加载JS
}
$str .= '<fieldset class="blue pad-10" style="width:' . $width . (is_numeric($width) ? 'px' : '') . ';">';
$str .= ' <legend>' . lang('m-120') . '</legend>';
$str .= ' <div class="picList" id="list_' . $name . '_files">';
$str .= ' <ul id="' . $name . '-sort-items">';
$str .= $file_value;
$str .= ' </ul>';
$str .= ' </div>';
$str .= '</fieldset>';
$str .= '<div class="bk10"></div>';
$str .= '<div class="picBut cu">';
if (!$disabled) {
$str .= '<a href="javascript:;" onClick="dr_upload_files(\'' . $name . '\',\'' . $url . '\', \'\', \'' . (int) $cfg['option']['count'] . '\')">' . lang('m-119') . '</a>';
}
$str .= '</div>';
$str .= '<script type="text/javascript">$("#' . $name . '-sort-items").sortable();</script>' . $tips;
// 输出最终表单显示
return $this->input_format($name, $text, $str);
}
/**
* 站点间的同步登录
*/
protected function api_synlogin()
{
$code = dr_authcode(str_replace(' ', '+', $this->input->get('code')));
if (!$code) {
exit('code is null');
}
list($uid, $salt) = explode('-', $code);
if (!$uid || !$salt) {
exit('data is null');
}
if (!$this->db->where('uid', $uid)->where('salt', $salt)->count_all_results('member')) {
exit('check error');
}
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
$expire = $this->input->get('expire') ? $this->input->get('expire') : 86400;
$this->input->set_cookie('member_uid', $uid, $expire);
$this->input->set_cookie('member_cookie', substr(md5(SYS_KEY . $uid), 5, 20), $expire);
exit('ok');
}
/**
* 前端会员验证登录
*
* @param string $username 用户名
* @param string $password 明文密码
* @param intval $expire 会话生命周期
* @param intval $back 是否返回字段
* @return string|intval|array
* string 登录js同步代码
* int -1 会员不存在
* int -2 密码不正确
* int -3 Ucenter注册失败
* int -4 Ucenter:会员名称不合法
*/
public function login($username, $password, $expire, $back = 0)
{
// 查询会员信息
$data = $this->db->where('username', $username)->get('member')->row_array();
$MEMBER = $this->ci->get_cache('member');
$ucsynlogin = '';
if ($MEMBER['setting']['ucenter']) {
// Ucenter 验证
list($uid, $username, $password, $email) = uc_user_login($username, $password);
if ($uid > 0) {
// 当前会员不存在时就重新注册
if (!$data) {
$data['uid'] = $this->_register(array('username' => $username, 'password' => $password, 'email' => $email));
if (!$data['uid']) {
return -3;
}
}
$ucsynlogin = uc_user_synlogin($uid);
} elseif ($uid == -1) {
// Ucenter会员不存在
if (!$data) {
return -1;
}
// 注册Ucenter会员
$uid = uc_user_register($data['username'], $password, $data['email']);
if ($uid > 0) {
$ucsynlogin = uc_user_synlogin($uid);
} elseif ($uid == -1) {
return -4;
} else {
return -3;
}
} else {
return -2;
}
} else {
// 高级验证
if (!$data) {
$data = dr_vip_login($this->db, $username);
}
// 会员不存在
if (!$data) {
return -1;
}
// 密码验证
$password = trim($password);
if (md5(md5($password) . $data['salt'] . md5($password)) != $data['password']) {
return -2;
}
}
$this->_login_log($data['uid']);
// 返字段值,默认返回email
if ($back) {
return $data;
}
// 存在Ucenter时采用Ucenter同步方式
if ($ucsynlogin) {
return $ucsynlogin;
}
$synlogin = '';
if ($MEMBER['synurl']) {
foreach ($MEMBER['synurl'] as $url) {
$code = dr_authcode($data['uid'] . '-' . $data['salt'], 'ENCODE');
$synlogin .= '<script type="text/javascript" src="' . $url . '/index.php?c=api&m=synlogin&expire=' . $expire . '&code=' . $code . '"></script>';
}
} else {
$code = dr_authcode($data['uid'] . '-' . $data['salt'], 'ENCODE');
$synlogin = '******' . SITE_URL . 'member/index.php?c=api&m=synlogin&expire=' . $expire . '&code=' . $code . '"></script>';
}
return $synlogin;
}
